Ip Netns

hands-on ip netns

```shell [root@localhost ~]# ip netns add nettest [root@localhost ~]# ip netns add nstest [root@localhost ~]# ip netns nstest nettest [root@localhost ~]# ip netns del nettest [root@localhost ~]# ip netns nstest [root@localhost ~]# ip netns list nstest [root@localhost ~]# ip netns exec nstest ip add 1: lo: mtu 65536 qdisc noop state DOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 [root@localhost ~]# ip netns exec nstest bash [root@localhost ~]# ip netns exec nstest ip link set dev lo up [root@localhost ~]# ip netns exec nstest ip link 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

[root@localhost ~]# ip link add veth-a type veth peer name veth-b [root@localhost ~]# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 08:00:27:30:8a:02 brd ff:ff:ff:ff:ff:ff 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 08:00:27:24:09:c1 brd ff:ff:ff:ff:ff:ff 4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default link/ether 02:42:e3:0c:18:5c brd ff:ff:ff:ff:ff:ff 9: veth-b@veth-a: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether 8e:21:5e:5e:7c:41 brd ff:ff:ff:ff:ff:ff 10: veth-a@veth-b: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether 32:f2:9d:b7:80:b5 brd ff:ff:ff:ff:ff:ff [root@localhost ~]# ip link set veth-b netns nstest [root@localhost ~]# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 08:00:27:30:8a:02 brd ff:ff:ff:ff:ff:ff 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 08:00:27:24:09:c1 brd ff:ff:ff:ff:ff:ff 4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default link/ether 02:42:e3:0c:18:5c brd ff:ff:ff:ff:ff:ff 10: veth-a@if9: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether 32:f2:9d:b7:80:b5 brd ff:ff:ff:ff:ff:ff link-netnsid 0 [root@localhost ~]# ip netns exec nstest ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 9: veth-b@if10: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 8e:21:5e:5e:7c:41 brd ff:ff:ff:ff:ff:ff link-netnsid 0 [root@localhost ~]# ip addr add 10.0.0.1/24 dev veth-a [root@localhost ~]# ip a valid_lft forever preferred_lft forever 10: veth-a@if9: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 32:f2:9d:b7:80:b5 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 10.0.0.1/24 scope global veth-a valid_lft forever preferred_lft forever [root@localhost ~]# ip link set dev veth-a up [root@localhost ~]# ip a

10: veth-a@if9: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000 link/ether 32:f2:9d:b7:80:b5 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 10.0.0.1/24 scope global veth-a valid_lft forever preferred_lft forever

[root@localhost ~]# ip netns exec nstest ip addr add 10.0.0.2/24 dev veth-b [root@localhost ~]# ip netns exec nstest ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 9: veth-b@if10: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 8e:21:5e:5e:7c:41 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 10.0.0.2/24 scope global veth-b valid_lft forever preferred_lft forever [root@localhost ~]# ip netns exec nstest ip link set dev veth-b up [root@localhost ~]# ip netns exec nstest ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 9: veth-b@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 8e:21:5e:5e:7c:41 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 10.0.0.2/24 scope global veth-b valid_lft forever preferred_lft forever inet6 fe80::8c21:5eff:fe5e:7c41/64 scope link valid_lft forever preferred_lft forever [root@localhost ~]#

ip route\

10.0.0.0/24 dev veth-a proto kernel scope link src 10.0.0.1

You have mail in /var/spool/mail/root [root@localhost ~]# ip netns exec nstest ip route 10.0.0.0/24 dev veth-b proto kernel scope link src 10.0.0.2

[root@localhost ~]# ping 10.0.0.2 PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data. 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.083 ms

[root@localhost ~]# ip netns exec nstest ping 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.085 ms

[root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9159626b44dd busybox “sh” 7 minutes ago Up 7 minutes quizzical_mahavira [root@localhost ~]# docker inspect –format ‘’ quizzical_mahavira 6072 [root@localhost ~]# ln -s /proc/6072/ns/net /var/run/netns/busy2 [root@localhost ~]# ip netns exec busy2 ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 11: eth0@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 172.17.0.2/16 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::42:acff:fe11:2/64 scope link valid_lft forever preferred_lft forever

[root@localhost ~]# ip netns busy2 (id: 2) ns2 (id: 1) nstest (id: 0) [root@localhost ~]# ls /var/run/netns/ busy2 ns2 nstest

```shell